Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-60508

Nodes Patterns

    XMLWordPrintable

    Details

    • Similar Issues:

      Description

      Hello,

      Im trying to restrict the nodes in jenkins but doesn't matters what i do, always shows me that the user has lack of permission.

      Jenkins v2.190.3

      Role-based Authorization Strategy v2.15

      Authorize Project v1.3.0

       

      So for this example is:

      Acces Control:

      • Role-Based Strategy 

      Access Control for Builds:

      • Project default Build Authorization
           - Strategy Run as anonymous

      (the idea is make it work with Run as the user who triggered the build)

       

      Later, I have this configuration:

      • A global role called general which just have view
      • A Slave role which the pattern is "gradle-.* (I tested with gradle*, gradle.* and even with .*)
      • Both roles assigned to anonymous

       

      So when i run a pipeline with a dynamic agent in kubernetes shows me:

      Started by user XXXXXX
      Running as anonymous

      which is ok, after this, the agent is created, connected to jenkins but the job is waiting forever for the agent and if the agent is already connected shows:

      ‘anonymous’ lacks permission to run on ‘gradle-xxxxxx’

       

      The only way to fix this is run as SYSTEM or add build privileges to "general" global role.

       

      From jenkins logs, nothing relevant is showed up.

        Attachments

          Activity

          matandomuertos Nahuel Cassinari created issue -
          faucherb94 Ben Faucher made changes -
          Field Original Value New Value
          Priority Minor [ 4 ] Major [ 3 ]

            People

            Assignee:
            oleg_nenashev Oleg Nenashev
            Reporter:
            matandomuertos Nahuel Cassinari
            Votes:
            3 Vote for this issue
            Watchers:
            7 Start watching this issue

              Dates

              Created:
              Updated: